0d78ae6b3c4c0be0495555a4208228716f0bc8068ef0842a6086439df19a02e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d78ae6b3c4c0be0495555a4208228716f0bc8068ef0842a6086439df19a02e4
Size

433KB
MD5

9544464a09a651b964408c0e05089969
SHA1

7c284ddff96ecf4c47f26a8a128ba4df5f0e325a
SHA256

0d78ae6b3c4c0be0495555a4208228716f0bc8068ef0842a6086439df19a02e4
SHA512

3c049a14fae07049a183a4b7ef6caf18e5fa88968575525fcc2c1466d407306056000a678bd920ffb5ccb39c0fee3954ae0c648fcba9b35748e1ec9ec0871862
SSDEEP

6144:j4kStFGRcP4PRgPwMzrha7kfXfIlyWuvn7isUvaz8C+7FYo/1jt8DdzOcsql6Qqk:WUUPwcLkEvnOnCc5Dz8DXH/r

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

0d78ae6b3c4c0be0495555a4208228716f0bc8068ef0842a6086439df19a02e4
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 772KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 290KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 564KB - Virtual size: 562KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ